netdev-vport: Don't create port when ovs-monitor-ipsec not running.

[sliver-openvswitch.git] / lib / netdev-vport.c

diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index 97cc170..8715109 100644 (file)
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -26,6 +26,8 @@
 #include <sys/ioctl.h>
 
 #include "byte-order.h"
+#include "daemon.h"
+#include "dirs.h"
 #include "dpif-linux.h"
 #include "hash.h"
 #include "hmap.h"
@@ -716,6 +718,16 @@ parse_tunnel_config(const char *name, const char *type,
     }
 
     if (is_ipsec) {
+        char *file_name = xasprintf("%s/%s", ovs_rundir(),
+                "ovs-monitor-ipsec.pid");
+        pid_t pid = read_pidfile(file_name);
+        free(file_name);
+        if (pid < 0) {
+            VLOG_WARN("%s: IPsec requires the ovs-monitor-ipsec daemon",
+                    name);
+            return EINVAL;
+        }
+
         if (shash_find(args, "peer_cert") && shash_find(args, "psk")) {
             VLOG_WARN("%s: cannot define both 'peer_cert' and 'psk'", name);
             return EINVAL;